EP1535133A2 - Apparatus, system and method for securing digital documents in a digital appliance - Google Patents

Apparatus, system and method for securing digital documents in a digital appliance

Info

Publication number
EP1535133A2
EP1535133A2 EP03793121A EP03793121A EP1535133A2 EP 1535133 A2 EP1535133 A2 EP 1535133A2 EP 03793121 A EP03793121 A EP 03793121A EP 03793121 A EP03793121 A EP 03793121A EP 1535133 A2 EP1535133 A2 EP 1535133A2
Authority
EP
European Patent Office
Prior art keywords
digital
document
drm
appliance
digital document
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP03793121A
Other languages
German (de)
English (en)
French (fr)
Inventor
Gidon Elazar
Dan Harkabi
Nehemiah Weingarten
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SanDisk Secure Content Solutions Inc
Original Assignee
MDRM Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MDRM Inc filed Critical MDRM Inc
Publication of EP1535133A2 publication Critical patent/EP1535133A2/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00

Definitions

  • This invention generally relates to digital rights management. More particularly this invention relates to methods of securing digital documents to be used in a digital appliance such as a personal computer.
  • the Internet worldwide network enables many digital appliances to interconnect and exchange information.
  • a particular use of the Internet is to distribute digital files, specifically digital content such as digital books or music files, to the connected appliances.
  • Digital books are substantially less popular and common than music.
  • One of the reasons for the difference between the proliferation of music in digital form and books in digital form is the caution felt by book content rights owners against potential copyright infringement, a lesson learned from the experience of the music industry.
  • Concerns about losing control over the management of rights prevents the usage of the Internet as a powerful digital content distribution infrastructure.
  • Digital rights management (DRM) systems are developed to challenge the above difficulties.
  • Part of the function of a typical DRM system is to define the form of "rights-protected files" - methods that enable the use of digital files under limitations defined by the owner of the rights to the content.
  • These systems typically involve cryptographic methods for the secure distribution of the content between a content repository or server and a digital appliance. Such methods typically require the appliance to include an implementation of cryptographic algorithms and hold cryptographic keys in order to gain access to the content.
  • the access to the content is performed through a program that is DRM sensitive and is hereafter called — an electronic book reader.
  • Examples of electronic book reading software are the Adobe Acrobat, Adobe eBook Reader (http://www.adobe.com) and the Microsoft eBook Reader (http://www.microsoft.com/reader).
  • Such software implements some form of DRM that is engaged when the users attempts to open and view a digital document.
  • One of the operations performed by such electronic book readers is the process of decrypting the document using cryptographic methods and cryptographic keys.
  • the reader program In order to do so, the reader program must have access to the cryptographic methods and keys; therefore the cryptographic methods and keys must reside within the access of the reader program.
  • the cryptographic methods, the keys, or both reside within the reader program, on the document itself, or somewhere within the appliance storage.
  • a digital appliance such as a computer is typically an open platform enabling computer programmers to develop programs.
  • software programs are developed for the purpose of hacking and locating the cryptographic keys and algorithms of a DRM system (hereafter referred to as hacking programs), in order to circumvent the DRM and gain illegal access to the content. This process is generally called an "attack” and if it succeeds it is commonly referred to as to "crack" the DRM system.
  • a computer program that performs this function is referred hereafter as a hacking program. Examples for such successful attacks are well known in the art. In late
  • Other methods include adding tamper resistant hardware to store the cryptographic keys.
  • cryptographic tokens such as iToken of Rainbow Technologies Inc. (ht ://www.rainbow.corn/ikey/index.html) and using a smart card to store cryptographic keys and optionally cryptographic algorithms.
  • Such solutions either reveal the cryptographic key to the digital appliance in the process of decrypting the information, or internally perform the cryptographic functions but reveal the end result in a raw form that can be hacked. In practice these methods were proven to slow, but not halt, an adversary. Given enough time and effort a computer program that "cracks" the DRM system may be written.
  • the keys and methods are stored and executed in a dedicated DRM device that has processing capability distinct from the digital appliance, and does not provide an open environment for at least some security functions of the DRM device for programmers to develop programs.
  • another party may develop additional functions.
  • a digital document file or a section of the digital document that is protected is downloaded from an Internet server to the DRM device through a digital appliance.
  • the digital document is already resident in the DRM device. Once the document is internal to the device, several processes may take place. In some embodiments, if the document is in an encrypted form it is processed through a decryptor to produce a decrypted form.
  • a decrypted digital document can be processed by a formatter internal to the DRM device to produce a formatted form of the digital document or the section of the digital document, such as, but not limited to, a bitmap image of a page of the document.
  • Other examples of formatting include passing plain text to the digital appliance.
  • the DRM device can further process policies such as allowing or disallowing a formatted form of the document to be transferred to the digital appliance, for example in order to be presented to the user.
  • the policy may be based on rights of use, time, number of usage events and so on. Some embodiments involve end use of digital documents. Other embodiments involve end use of music data and/or video data.
  • FIG. 1 is a schematic block diagram of an embodiment of the DRM device
  • FIG. 2 is a schematic block diagram of an exemplary system
  • FIG. 3 is a flowchart of an exemplary method for delivering a digital document file using the system of FIG. 2;
  • FIG. 4 is a flowchart of an exemplary method for using the digital document file of FIG. 3;
  • FIG. 5 is a schematic block diagram of another exemplary system
  • FIG. 6 is a flowchart of another exemplary method for using the digital document file of FIG. 3.
  • FIG. 1 is a diagram of an exemplary embodiment of the DRM device hardware 110, which includes a central processing unit (CPU) 112, an optional system memory 113, non- volatile storage 114, and an interface 116 to connect the device 110 to a digital appliance 120.
  • CPU central processing unit
  • the nonvolatile storage 114 may be included in the CPU 112 or be discrete from the CPU 112; generally, components or subcomponents of the DRM device hardware 110 may be combined with other components or subcomponents of the DRM device for higher integration and perhaps lower cost.
  • the CPU 112 may be a general purpose CPU or a CPU with dedicated functions.
  • the CPU 112 may include internal memory, and internal non- volatile storage which in the description of the present invention may serve a similar purpose of the system memory 113, and non- volatile storage 14 respectively.
  • the CPU 112, the non- volatile storage 114, and/or other components may be implemented as a tamper resistant hardware, or sections of the CPU 112, the non- volatile storage 114, and/or other components may be tamper resistant; the invention is not so limited.
  • the non-volatile storage 114 maybe any of several types of storage including semiconductor based media such as read only memory (ROM), electronic erasable programmable read only memory (EEPROM), flash memory or battery backed up random access memory (RAM); or magnetic media storage such as hard disk drive or floppy disk, or the like.
  • semiconductor based media such as read only memory (ROM), electronic erasable programmable read only memory (EEPROM), flash memory or battery backed up random access memory (RAM); or magnetic media storage such as hard disk drive or floppy disk, or the like.
  • the interface 116 can connect the DRM device 110 with a digital appliance 120 in both physical and communication aspects.
  • the physical aspect can be, for example directly, through one or more cables, and/or wireless.
  • the communication aspect of the interface 116 allows data exchange between the DRM device and the digital appliance.
  • the interface 116 may be any of several types of interfaces, for example PCI, ISA, Universal Serial Bus (USB), Fire Wire, IDE, SCSI, RS-232 or other serial interface, parallel interface, Compact Flash (CF) interface, Sony Memory Stick interface, Multimedia Card
  • the digital appliance 120 is used by an end user for some end use of one or more digital documents.
  • a digital document is data which has an end use of being read by an end user, and at some point prior to end use is stored and/or represented in numerical form.
  • the digital document can have various purposes, for example a corporate purpose such as a sales presentation, a legal contract, a finance spreadsheet, or the like; or an academic purpose, such as an academic book, a published paper, a student class pack reader, or the like; or a commercial purpose, for example a newspaper, a periodical journal, a comics journal, or the like; or the like various purposes that a digital document may have.
  • the digital appliance 120 may be one of several digital appliances such as a personal computer, tablet computers, personal digital assistant (PDA) or other types of hand held devices, cell phones, programmable consumer electronics and the like. End use includes use of the DRM device by an end user to access digital document content.
  • Some examples of tasks which can be performed in connection with accessing the document content include viewing the content of the document or a section of the document, modifying the document, searching the document for a text string, copying parts or all of the document, selecting text within the document to perform an operation on that text, add overlay comments on top of existing content, respond to assignments by adding content to the document or adding content to a matching but separate document, listening to a voice version of the document, printing sections or all of the document, sharing the document with other end users, transferring all or part of the document to other end users, transferring the rights to use the document to other end users, aggregation of several documents or sections of several documents into one or more new documents and other like operations that a user may apply to a digital document.
  • the invention is not so limited.
  • the non- volatile storage 114 contains instructions which may be executed by the CPU 112.
  • the non-volatile storage 114 further may contain: an optional unique device serial number, a method of authentication such as a unique pair of public and private cryptographic keys and a signed authenticity certificate.
  • the instructions stored in the non volatile storage 114 allow the digital appliance 120 to access a portion of the non volatile storage 114 through the interface 116, but prevent access to another portion of the non volatile storage 114, including a portion that stores the private cryptographic key and a portion that stores instructions that execute in a closed environment without enabling user access.
  • the non- volatile storage may also store a plurality of methods for authentication; the invention is not so limited.
  • FIG. 2 is a diagram of an exemplary embodiment of the system which includes a DRM device 210 with an interface 216, a digital appliance 220 with an interface 221 which matches the interface 216 of the DRM device 210, a user interface component 222 on which a processed document may be presented (for example as a visual image, synthesized audio or other form) to the user, the network 230, a content server 240 which is a computer that can transfer digital documents over the network and a license server 250 which is a computer that may transfer authentication and/or decryption and/or policy and/or formatting information over the network.
  • a content server 240 which is a computer that can transfer digital documents over the network
  • a license server 250 which is a computer that may transfer authentication and/or decryption and/or policy and/or formatting information over the network.
  • that information is embedded in one or more files.
  • the servers are optionally interconnected.
  • the system may include a plurality of DRM devices 210, digital appliances 220, content servers 240 and license servers 250, the invention is not so limited. It may be appreciated by those skilled in the art that the content server 240 and the license server 250 may be implemented as separate or unite hardware and/or software components.
  • the interface 221 connects the digital appliance 220 with a DRM device 210.
  • the interface 221 may be any of several types that may be used to connect a device with a digital appliance.
  • the interface 221 of the digital appliance matches the type of interface 216 of the DRM device in a form that enables information to pass between the DRM device 210 and the digital appliance 220.
  • the content server 240 is a computer that can be accessed through a network 230 such as the Internet network.
  • the content server 240 can respond to requests to download content such as digital electronic documents.
  • Examples of content servers can be Amazon.com or another on-line bookseller web site that enables downloading of electronic books to a personal computer, a university web site that enables downloading of electronic versions of articles to a researcher's personal computer, and a corporate web site that enables employees to download corporate documents to their personal computers.
  • a license server 250 is a computer that can be accessed through a network 230 such as the Internet network.
  • a license server 250 can respond to requests to download information such as authentication and/or decryption and/or policy and/or formatting information.
  • This data may include: definition of policies to be used by the DRM device policies, definition of formatting to be used by the DRM device formatters, definition of decryption to be used by the DRM device decryptors, definition of authentication to be used by the DRM device authenticators, parts of the text of the electronic document or parts of the electronic document, information regarding the user, information regarding the rights of the user to one or more end uses (the user may have access to all possible end uses or less than all possible end uses) of the document or part of the document, information regarding the vendor/owner/operator of the system, information regarding the specific DRM device, and other information.
  • the information may be utilized by the DRM device or the digital appliance while the user makes use of the content or in preparation to enable the user to make use of the content or any additional information.
  • the content server 240 and the license server 250 are implemented as separate entities that interconnect through a network and do not directly interconnect. According to another embodiment the servers directly interconnect. According to another embodiment the content server 240 and the license server 250 are implemented as a single entity. The invention is not so limited.
  • An authenticator implemented in a DRM device participates in the process of authenticating the DRM device to a remote server over a network.
  • An authenticator may implement one of several methods of authentication including sending a device ID number to the remote server.
  • Another authenticator uses an encryption secret key known only to the device and the server, and bases the authentication on challenging the device in order to verify that it has possession of the secret key.
  • the server sends an encrypted message to the device, and the authenticator at least decrypts the message and returns it to the server.
  • the same key can be used in a variety of methods to authenticate, for example, by signing a plaintext message and/or decrypting an encrypted message.
  • the authenticator responds to challenges by performing a series of operations such as decrypt a message, process the result, encrypt the result, and return it to the server for verification.
  • the secret key may be stored in the device prior to the authentication process.
  • the stored key can be a single key stored equally on all devices or a dedicated key unique to each device. In the latter case the server should know in advance which key is stored within which device.
  • Another method to authenticate uses a public and private key and a digital certificate. In such an embodiment, the authenticator has access to a private key and a matching public key stored in the device. The private key must be kept secret, but the public key may be made public.
  • the server may then challenge the authenticator with a message encrypted with the device public key to ensure it has access to the matching private key.
  • the authenticator signs a message but does not necessarily encrypt the message.
  • the server can receive from the device a digital certificate, which contains device identification information such as the device serial number or device ID and/or the public key of the device and/or additional information relating to the device, the server, the organization operating the system or any other information.
  • the device identification information is digitally signed by a trusted authority, such as the vendor of the device, owner of the server, the organization operating the system and/or another trusted authority to form a digital certificate for that device.
  • a trusted authority such as the vendor of the device, owner of the server, the organization operating the system and/or another trusted authority to form a digital certificate for that device.
  • Some embodiments of the authenticator can authenticate the DRM device and/or a user of the DRM device.
  • a decryptor in the device participates in the process of transforming encrypted documents or sections of documents into a decrypted form.
  • a decryptor may implement one or more of several methods: symmetric algorithms such as DES, 3DES, AES, and IDEA; and/or asymmetric algorithms such as RSA, Diffie-Hellman, elliptic curve; and/or others.
  • a decryptor may implement one or a plurality of decryption methods.
  • a decryptor may include hashing algorithms such as DSA, MD2, MD4, MD5, HMAC and/or SHA1 and/or others to retrieve a signature and check origin and integrity of the data received.
  • the decryption key or plurality of decryption keys for such operations may originate in one or a plurality of sources.
  • decryption key data can be stored in the non- volatile storage of the DRM device, received from the digital appliance, and/or received from a network server, such as through the digital appliance.
  • Some embodiments receive digital document content which is at least partly decrypted. In such embodiments, obviously the decryptor may or may not process the already decrypted portion.
  • the decryptor can at least partly decrypt - for example, fully decrypt part of a document, and/or perform one or more decryption steps, which can be the complete decryption process or a subset of the complete decryption process, for a whole or part of the document.
  • the document can be received at least partly as plaintext - in other words, received as at least partly unencrypted.
  • a policy in the device participates in the process of verifying the eligibility of end use of a document or a section of a document, allowing or disallowing operations such as decrypting, formatting, searching, and/or transmitting an output to the digital appliance.
  • the verification may check one or several eligibility options, including the right to use the document, the right to use the document up to a certain date, the right to use the document between certain dates, the right to use the document after a certain date, the right to use the document for a certain accumulated usage time, the right to use the document for a certain number of times, the right to transfer the document, the right to modify the document, the right to add overlay information on the document, the right to save the document into the device and/or another location, the right to save the overlay information into the device and/or another location, the right to copy the document, the right to copy portions of the document, the right to copy specific sections of the document, and other rights related to an end user in connection with an end use of the document.
  • a formatter defines a process step in formatting a document into a presentable form.
  • a formatter may do one or more formatting operations including: selecting the section of the document to be presented; conversion of the text, graphics and images to a single or set of digital images in one of many formats such as a bitmap image (BMP) or like form or compressed image such as JPEG, TIFF, GIF; or any other like form; setting spaces between characters and letters according to the required display form; searching the text for a particular text string; generating the layout of the document; drawing the text characters in the appropriate font and font size; and other operations performed in the preparation and conversion of a document into a presentable form.
  • Some embodiments of a formatter degrade at least part of the document.
  • Some embodiments arrange a presentation of the digital document content by presenting visual and/or audio information, such as presenting a voice version of the document.
  • FIG.3 is a flow chart describing an exemplary sequence of operations carried out when a user downloads content from a network server.
  • step 301 one or more users request a digital document to be downloaded to the DRM device that is connected to the digital appliance.
  • the server drives a phase of proving the eligibility of the user to receive the document.
  • User eligibility to receive the content is determined by the server, following rules such as payment, free for use, user authentication, registration or other similar methods that may be used by a user to prove eligibility or to become eligible to receive the document.
  • the server Once the server is ready to download the content, it sends the content through the network to the digital appliance that is attached to the network.
  • the content may be encrypted or parts of it may be encrypted.
  • the DRM device must be presently attached to the digital appliance at the time of transmission. According to another embodiment the DRM device does not necessarily have to be attached at the time of transmission of the document and can be made present later when the document is to be used.
  • the document is transmitted from the network server (depicted as content server) to the digital appliance and from the digital appliance to the DRM device.
  • the document is completely transferred to the digital appliance before being transferred to the DRM device.
  • the document is transferred in sections, where each section is transferred to the DRM device at its own pace.
  • the license is transferred from the network server . (depicted as license server) to the digital appliance and from the digital appliance to the DRM device.
  • the license can be one or more files.
  • the license contains information used by the policy, authenticator, decryptor, and/or formatter in the DRM device.
  • the license server and the content sever are implemented as a single server.
  • the license is embedded in the document to form a single file transferred from a single server. It may be appreciated by those skilled in the art that there exist other methods to sequence the transfer process with the result of having the document or part of the document and the license transferred to the DRM device.
  • Step 304 describes the installation of the license in the non- volatile storage of the DRM device.
  • the license may activate the usage of the document according to the rights defined in the license. According to one embodiment the activation is performed immediately following the installation process. According to another embodiment the activation is performed in a later timeframe, such as at the time of usage of the document.
  • FIG 4 is a flow chart describing an exemplary sequence of operations for using a document for visualization.
  • the user invokes a document usage function in the digital appliance.
  • the digital appliance further sends requests to the DRM device.
  • the DRM device processes the request by performing a sequence of operations, optionally involving one or more decryptors, one or more formatters, and one or more policies on the document or part of the document, before transferring the result to the digital appliance in step 405.
  • part or all of the operations that involve the decryptors, formatters and/or policies is performed before the request from the digital appliance is received.
  • the order of the operations of the decryptors, formatters and policies can be altered and executed in any sequence. The invention is not so limited.
  • FIG 4 is a flow chart describing an exemplary sequence of operations for using a document for visualization.
  • the user invokes a document usage function in the digital appliance.
  • the digital appliance further sends requests to the DRM device.
  • the DRM device processes the request by performing a sequence of operations, optionally involving one or more decryptors, one or more formatters, and one or more policies on the document or part of the document, before transferring the result to the digital appliance in step 405.
  • part or all of the operations that involve the decryptors, formatters and/or policies is performed before the request from the digital appliance is received.
  • the order and existence of the operations of the decryptors, formatters and policies can be altered and can occur in any sequence.
  • FIG. 5 is a diagram of another exemplary embodiment of the system which includes a DRM device 510 with an IC interface 516, a digital appliance 520 with an IC interface 521 which matches the IC interface 516 of the DRM device 510, and a user interface component 522 on which a processed document may be presented (for example as a visual image, synthesized audio or other form) to the user.
  • a DRM device 510 is an integrated circuit executing instructions.
  • the DRM device 510 can be included in the digital appliance 520.
  • the code or data can be stored inside the non- volatile storage of the DRM device IC, and/or can be in storage external to the DRM device IC.
  • the DRM device IC can execute independently from a processor of the digital appliance.
  • FIG. 6 is a flow chart describing another exemplary sequence of operations for using a document for visualization.
  • step 601 at least part of the digital document content is decrypted.
  • step 602 at least one policy is applied.
  • step 603 at least part of the digital document content is formatted.
  • step 604 at least part of the digital document is sent. The order and existence of the operations can be altered and can occur in any sequence.
EP03793121A 2002-08-23 2003-08-18 Apparatus, system and method for securing digital documents in a digital appliance Ceased EP1535133A2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US227155 2002-08-23
US10/227,155 US20040039932A1 (en) 2002-08-23 2002-08-23 Apparatus, system and method for securing digital documents in a digital appliance
PCT/US2003/025921 WO2004019191A2 (en) 2002-08-23 2003-08-18 Apparatus, system and method for securing digital documents in a digital appliance

Publications (1)

Publication Number Publication Date
EP1535133A2 true EP1535133A2 (en) 2005-06-01

Family

ID=31887415

Family Applications (1)

Application Number Title Priority Date Filing Date
EP03793121A Ceased EP1535133A2 (en) 2002-08-23 2003-08-18 Apparatus, system and method for securing digital documents in a digital appliance

Country Status (8)

Country Link
US (1) US20040039932A1 (zh)
EP (1) EP1535133A2 (zh)
JP (1) JP2005536951A (zh)
KR (1) KR20050058488A (zh)
CN (1) CN1777851A (zh)
AU (1) AU2003263916A1 (zh)
CA (1) CA2495196A1 (zh)
WO (1) WO2004019191A2 (zh)

Families Citing this family (74)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7549056B2 (en) * 1999-03-19 2009-06-16 Broadcom Corporation System and method for processing and protecting content
US20030221109A1 (en) * 2002-05-24 2003-11-27 Pure Edge Solutions, Inc. Method of and apparatus for digital signatures
JP2005535958A (ja) * 2002-08-08 2005-11-24 エム−システムズ フラッシュ ディスク パイオニアーズ リミテッド デジタル著作権管理のための集積回路
US7979700B2 (en) 2002-08-23 2011-07-12 Sandisk Corporation Apparatus, system and method for securing digital documents in a digital appliance
US20040088541A1 (en) * 2002-11-01 2004-05-06 Thomas Messerges Digital-rights management system
US7370212B2 (en) * 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
WO2004086363A2 (en) * 2003-03-27 2004-10-07 M-Systems Flash Disk Pioneers Ltd. Data storage device with full access by all users
US7716288B2 (en) * 2003-06-27 2010-05-11 Microsoft Corporation Organization-based content rights management and systems, structures, and methods therefor
EP1652061A2 (en) * 2003-07-28 2006-05-03 SanDisk Secure Content Solutions, Inc. System, apparatus and method for controlling a storage device
US7712140B2 (en) * 2003-08-04 2010-05-04 Lsi Corporation 3-prong security/reliability/real-time distributed architecture of information handling system
US8220058B2 (en) * 2003-09-25 2012-07-10 Oracle America, Inc. Rendering and encryption engine for application program obfuscation
US7353499B2 (en) * 2003-09-25 2008-04-01 Sun Microsystems, Inc. Multiple instruction dispatch tables for application program obfuscation
US7415618B2 (en) * 2003-09-25 2008-08-19 Sun Microsystems, Inc. Permutation of opcode values for application program obfuscation
US20050069138A1 (en) * 2003-09-25 2005-03-31 Sun Microsystems, Inc., A Delaware Corporation Application program obfuscation
US7424620B2 (en) * 2003-09-25 2008-09-09 Sun Microsystems, Inc. Interleaved data and instruction streams for application program obfuscation
US7363620B2 (en) * 2003-09-25 2008-04-22 Sun Microsystems, Inc. Non-linear execution of application program instructions for application program obfuscation
US20050135622A1 (en) * 2003-12-18 2005-06-23 Fors Chad M. Upper layer security based on lower layer keying
CN101073238A (zh) * 2004-02-03 2007-11-14 桑迪士克防护内容解决公司 数字数据内容的保护
US20050204405A1 (en) * 2004-03-04 2005-09-15 Brian Wormington Method and system for digital rights management
KR101100385B1 (ko) * 2004-03-22 2011-12-30 삼성전자주식회사 인증서 폐지 목록을 이용한 디지털 저작권 관리 방법 및장치
US7861006B2 (en) * 2004-03-23 2010-12-28 Mcnulty Scott Apparatus, method and system for a tunneling client access point
KR101043336B1 (ko) * 2004-03-29 2011-06-22 삼성전자주식회사 디바이스와 휴대형 저장장치간의 디지털 권리객체에 관한정보의 획득 및 제거를 위한 방법 및 장치
KR100636169B1 (ko) 2004-07-29 2006-10-18 삼성전자주식회사 서로 다른 drm이 적용된 콘텐츠의 전송 및 재생 방법
JP2006071695A (ja) * 2004-08-31 2006-03-16 Yamatake Corp 暗号化、復号化プログラム及び暗号システム。
US20060064488A1 (en) * 2004-09-17 2006-03-23 Ebert Robert F Electronic software distribution method and system using a digital rights management method based on hardware identification
US20060064756A1 (en) * 2004-09-17 2006-03-23 Ebert Robert F Digital rights management system based on hardware identification
CN100420181C (zh) * 2004-12-31 2008-09-17 北京中星微电子有限公司 一种数字版权管理媒体信息处理方法
KR20070096023A (ko) * 2005-01-18 2007-10-01 코닌클리케 필립스 일렉트로닉스 엔.브이. 보안 호스트 인터페이스
US7865734B2 (en) * 2005-05-12 2011-01-04 The Invention Science Fund I, Llc Write accessibility for electronic paper
US7739510B2 (en) * 2005-05-12 2010-06-15 The Invention Science Fund I, Inc Alert options for electronic-paper verification
US7856555B2 (en) * 2005-01-20 2010-12-21 The Invention Science Fund I, Llc Write accessibility for electronic paper
US7669245B2 (en) * 2005-06-08 2010-02-23 Searete, Llc User accessibility to electronic paper
US8063878B2 (en) 2005-01-20 2011-11-22 The Invention Science Fund I, Llc Permanent electronic paper
US7643005B2 (en) * 2005-01-20 2010-01-05 Searete, Llc Semi-permanent electronic paper
US8281142B2 (en) * 2005-01-20 2012-10-02 The Invention Science Fund I, Llc Notarizable electronic paper
US7774606B2 (en) 2005-01-20 2010-08-10 The Invention Science Fund I, Inc Write accessibility for electronic paper
US8640259B2 (en) 2005-01-20 2014-01-28 The Invention Science Fund I, Llc Notarizable electronic paper
US8438645B2 (en) 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
US8725646B2 (en) 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US20060265758A1 (en) * 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
US8984636B2 (en) * 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) * 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US20070028291A1 (en) * 2005-07-29 2007-02-01 Bit 9, Inc. Parametric content control in a network security system
US8272058B2 (en) * 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
CN101305375A (zh) * 2005-09-12 2008-11-12 沙盒技术有限公司 用于控制电子信息的分发的系统和方法
US8306918B2 (en) * 2005-10-11 2012-11-06 Apple Inc. Use of media storage structure with multiple pieces of content in a content-distribution system
US7634585B2 (en) * 2005-11-04 2009-12-15 Sandisk Corporation In-line cache using nonvolatile memory between host and disk device
US20070106842A1 (en) * 2005-11-04 2007-05-10 Conley Kevin M Enhanced first level storage caching methods using nonvolatile memory
US8078788B2 (en) 2005-12-08 2011-12-13 Sandisk Technologies Inc. Media card command pass through methods
US8181220B2 (en) 2005-12-19 2012-05-15 Adobe Systems Incorporated Method and apparatus for digital rights management policies
KR100757845B1 (ko) * 2006-02-13 2007-09-11 (주)잉카엔트웍스 클라이언트 기기로 암호화된 컨텐츠에 대응하는 라이센스를제공하는 방법 및 상기 방법을 채용한 drm 변환 시스템
US8224751B2 (en) 2006-05-03 2012-07-17 Apple Inc. Device-independent management of cryptographic information
KR100857850B1 (ko) 2006-05-26 2008-09-10 엔에이치엔(주) 바이러스 특성을 이용하여 drm 및 트래킹을 수행하는방법 및 상기 방법을 수행하는 시스템
US20070300058A1 (en) * 2006-06-21 2007-12-27 Nokia Corporation Credential Provisioning For Mobile Devices
US7890747B2 (en) * 2006-07-06 2011-02-15 Accenture Global Services Limited Display of decrypted data by a graphics processing unit
US9356935B2 (en) * 2006-09-12 2016-05-31 Adobe Systems Incorporated Selective access to portions of digital content
US8839005B2 (en) 2006-09-13 2014-09-16 Sandisk Technologies Inc. Apparatus for transferring licensed digital content between users
US20080133419A1 (en) * 2006-12-05 2008-06-05 Brian Wormington Secure financial transaction system and method
KR101369399B1 (ko) * 2006-12-29 2014-03-05 삼성전자주식회사 Drm 에이전트-렌더링 어플리케이션 분리 환경에서수행되는 drm 관련 권한 통제 방법 및 시스템
US8266706B2 (en) * 2007-01-26 2012-09-11 Microsoft Corporation Cryptographically controlling access to documents
EP1990971A3 (en) * 2007-05-11 2009-01-21 Thomson Licensing Protecting live content in a network
US8347098B2 (en) * 2007-05-22 2013-01-01 Apple Inc. Media storage structures for storing content, devices for using such structures, systems for distributing such structures
US9311492B2 (en) 2007-05-22 2016-04-12 Apple Inc. Media storage structures for storing content, devices for using such structures, systems for distributing such structures
US20080301003A1 (en) * 2007-05-31 2008-12-04 Daniel Harkabi System for Online Buying
CN101421704B (zh) * 2007-06-19 2014-01-08 特科2000国际有限公司 读取外部存储设备的内容的系统、方法和装置
US9032154B2 (en) 2007-12-13 2015-05-12 Sandisk Technologies Inc. Integration of secure data transfer applications for generic IO devices
US20090164568A1 (en) * 2007-12-20 2009-06-25 Electronics And Telecommunications Research Institute Method for integrating management of posted articles and terminal for the same
CN101739518B (zh) * 2008-11-21 2012-07-18 英属开曼群岛商康帝国际科技股份有限公司 局部启动数字权利管理引擎的方法与系统
US20110197144A1 (en) * 2010-01-06 2011-08-11 Terry Coatta Method And System Of Providing A Viewing Experience With Respect To A Document Having Read-only Content
US20120311289A1 (en) * 2011-05-31 2012-12-06 Somasundaram Meiyappan Persistent data storage
CN102222195B (zh) * 2011-07-29 2014-03-26 飞天诚信科技股份有限公司 电子书阅读方法和系统
KR20130101640A (ko) * 2012-02-21 2013-09-16 삼성전자주식회사 보안 컨텍스트를 이용한 drm/cas 서비스 장치 및 방법
US9767259B2 (en) * 2012-05-07 2017-09-19 Google Inc. Detection of unauthorized content in live multiuser composite streams
US10540511B2 (en) * 2016-03-31 2020-01-21 Intralinks, Inc. Information rights management offline file access facility

Family Cites Families (56)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0778718B2 (ja) * 1985-10-16 1995-08-23 株式会社日立製作所 画像表示装置
US5446896A (en) * 1990-12-17 1995-08-29 Next, Inc. Method and apparatus for inter-program communication
EP0715241B1 (en) * 1994-10-27 2004-01-14 Mitsubishi Corporation Apparatus for data copyright management system
US20050149450A1 (en) * 1994-11-23 2005-07-07 Contentguard Holdings, Inc. System, method, and device for controlling distribution and use of digital works based on a usage rights grammar
JPH08263438A (ja) * 1994-11-23 1996-10-11 Xerox Corp ディジタルワークの配給及び使用制御システム並びにディジタルワークへのアクセス制御方法
CN1183841A (zh) * 1995-02-13 1998-06-03 英特特拉斯特技术公司 用于安全交易管理和电子权利保护的系统和方法
US5530235A (en) * 1995-02-16 1996-06-25 Xerox Corporation Interactive contents revealing storage device
US5887269A (en) * 1995-04-07 1999-03-23 Delco Elecronics Corporation Data product authorization control for GPS navigation system
JP3587916B2 (ja) * 1995-10-31 2004-11-10 ブラザー工業株式会社 映像音声データ供給装置
EP0880840A4 (en) * 1996-01-11 2002-10-23 Mrj Inc DEVICE FOR CONTROLLING ACCESS AND DISTRIBUTION OF DIGITAL PROPERTY
US6055314A (en) * 1996-03-22 2000-04-25 Microsoft Corporation System and method for secure purchase and delivery of video content programs
US5956034A (en) * 1996-08-13 1999-09-21 Softbook Press, Inc. Method and apparatus for viewing electronic reading materials
US5847698A (en) * 1996-09-17 1998-12-08 Dataventures, Inc. Electronic book device
US5825879A (en) * 1996-09-30 1998-10-20 Intel Corporation System and method for copy-protecting distributed video content
WO1998042098A1 (en) * 1997-03-14 1998-09-24 Cryptoworks, Inc. Digital product rights management technique
US6611358B1 (en) * 1997-06-17 2003-08-26 Lucent Technologies Inc. Document transcoding system and method for mobile stations and wireless infrastructure employing the same
JP3469747B2 (ja) * 1997-08-21 2003-11-25 ソニー株式会社 画像読み取り装置
US6598164B1 (en) * 1998-04-13 2003-07-22 Nüp2 Incorporated Device and method for reducing piracy of digitized information
US20020141499A1 (en) * 1999-02-04 2002-10-03 Goertzen Kenbe D. Scalable programmable motion image system
US6732275B1 (en) * 1999-03-23 2004-05-04 Samsung Electronics Co., Ltd. Securing encrypted files in a PC and PC peripheral environment
US6351547B1 (en) * 1999-04-28 2002-02-26 General Electric Company Method and apparatus for formatting digital images to conform to communications standard
WO2000074054A2 (en) * 1999-05-28 2000-12-07 Matsushita Electric Industrial Co., Ltd. Semiconductor memory card, apparatus for recording data onto the semiconductor memory card, and apparatus for reproducing data of the semiconductor memory card
GB9916212D0 (en) * 1999-07-09 1999-09-15 Simmons Douglas M A system and method for distributing electronic publications
EP1076279A1 (en) * 1999-08-13 2001-02-14 Hewlett-Packard Company Computer platforms and their methods of operation
GB9922665D0 (en) * 1999-09-25 1999-11-24 Hewlett Packard Co A method of enforcing trusted functionality in a full function platform
US6697944B1 (en) * 1999-10-01 2004-02-24 Microsoft Corporation Digital content distribution, transmission and protection system and method, and portable device for use therewith
CN100470514C (zh) * 1999-11-01 2009-03-18 精工爱普生株式会社 数据输出控制装置及数据输出服务提供方法
US6886036B1 (en) * 1999-11-02 2005-04-26 Nokia Corporation System and method for enhanced data access efficiency using an electronic book over data networks
US7068381B1 (en) * 2000-02-02 2006-06-27 Raja Tuli Portable high speed internet access device
US7023572B2 (en) * 2000-02-02 2006-04-04 Raja Singh Tuli Portable high speed internet access device
US7249105B1 (en) * 2000-03-14 2007-07-24 Microsoft Corporation BORE-resistant digital goods configuration and distribution methods and arrangements
GB0012791D0 (en) * 2000-05-25 2000-07-19 Breakertech Inc Mobile node-lock
WO2001093000A2 (en) * 2000-05-31 2001-12-06 Zoran Corporation Secure electronic internet delivery and use of music and other valuable data
US6738614B1 (en) * 2000-06-19 2004-05-18 1477.Com Wireless, Inc. Method and system for communicating data to a wireless device
US7262873B1 (en) * 2000-07-05 2007-08-28 Lexmark International, Inc. Photoprinter access to remote data
JP2002073421A (ja) * 2000-08-31 2002-03-12 Matsushita Electric Ind Co Ltd ライセンス発行装置、コンテンツ再生装置、ライセンス発行方法、およびコンテンツ再生方法
JP3520859B2 (ja) * 2000-09-01 2004-04-19 セイコーエプソン株式会社 画像ファイルの出力画像調整
JP4219680B2 (ja) * 2000-12-07 2009-02-04 サンディスク コーポレイション 不揮発性メモリカード、コンパクトディスクまたはその他のメディアから記録済みのオーディオ、ビデオまたはその他のコンテンツを再生するためのシステム、方法およびデバイス
US7350228B2 (en) * 2001-01-23 2008-03-25 Portauthority Technologies Inc. Method for securing digital content
JP4271876B2 (ja) * 2001-02-20 2009-06-03 株式会社日立製作所 ディジタルコンテンツ生成方法及び関連装置
US7213004B2 (en) * 2001-04-12 2007-05-01 Koninklijke Philips Electronics N.V. Apparatus and methods for attacking a screening algorithm based on partitioning of content
EP1440438A1 (en) * 2001-05-18 2004-07-28 Valentin Alexandrovich Michtchenko Method for recording, distributing and reproducing information recorded on data carriers
US7222104B2 (en) * 2001-05-31 2007-05-22 Contentguard Holdings, Inc. Method and apparatus for transferring usage rights and digital work having transferrable usage rights
US6876984B2 (en) * 2001-05-31 2005-04-05 Contentguard Holdings, Inc. Method and apparatus for establishing usage rights for digital content to be created in the future
US7421411B2 (en) * 2001-07-06 2008-09-02 Nokia Corporation Digital rights management in a mobile communications environment
US6922725B2 (en) * 2001-09-07 2005-07-26 Xerox Corporation Method and apparatus for processing document service requests originating from a mobile computing device
EP1469396A4 (en) * 2001-12-29 2005-03-23 Tai Guen Entpr Co Ltd PORTABLE DATA IMPLEMENTATION PROCESSOR WITH STANDARD DATA PORT
KR100467929B1 (ko) * 2002-02-28 2005-01-24 주식회사 마크애니 디지털 컨텐츠의 보호 및 관리를 위한 시스템
US7257309B1 (en) * 2002-03-05 2007-08-14 Avica Technology Corporation Distributed storage of audio/video content
JP4119152B2 (ja) * 2002-04-17 2008-07-16 株式会社ルネサステクノロジ 半導体集積回路装置
JP2005535958A (ja) * 2002-08-08 2005-11-24 エム−システムズ フラッシュ ディスク パイオニアーズ リミテッド デジタル著作権管理のための集積回路
US7979700B2 (en) * 2002-08-23 2011-07-12 Sandisk Corporation Apparatus, system and method for securing digital documents in a digital appliance
US7313814B2 (en) * 2003-04-01 2007-12-25 Microsoft Corporation Scalable, error resilient DRM for scalable media
EP1652061A2 (en) * 2003-07-28 2006-05-03 SanDisk Secure Content Solutions, Inc. System, apparatus and method for controlling a storage device
CN101073238A (zh) * 2004-02-03 2007-11-14 桑迪士克防护内容解决公司 数字数据内容的保护
US20080065552A1 (en) * 2006-09-13 2008-03-13 Gidon Elazar Marketplace for Transferring Licensed Digital Content

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2004019191A2 *

Also Published As

Publication number Publication date
WO2004019191A2 (en) 2004-03-04
JP2005536951A (ja) 2005-12-02
US20040039932A1 (en) 2004-02-26
CA2495196A1 (en) 2004-03-04
WO2004019191A3 (en) 2004-04-22
CN1777851A (zh) 2006-05-24
KR20050058488A (ko) 2005-06-16
AU2003263916A1 (en) 2004-03-11

Similar Documents

Publication Publication Date Title
US8595488B2 (en) Apparatus, system and method for securing digital documents in a digital appliance
US20040039932A1 (en) Apparatus, system and method for securing digital documents in a digital appliance
EP1686504B1 (en) Flexible licensing architecture in content rights management systems
CN100583083C (zh) 用于处理数字版权对象的设备和方法
US8707404B2 (en) System and method for transparently authenticating a user to a digital rights management entity
JP4912406B2 (ja) 第1プラットフォームから第2プラットフォームへのディジタルライセンスの移送
US8204233B2 (en) Administration of data encryption in enterprise computer systems
US8359473B1 (en) System and method for digital rights management using digital signatures
JP5033916B2 (ja) 圧縮ファイルに係わるデジタル著作権の管理方法
US20110185179A1 (en) System And Method For Digital Rights Management With A Lightweight Digital Watermarking Component
EP1630998A1 (en) User terminal for receiving license
US20130132733A1 (en) System And Method For Digital Rights Management With System Individualization
WO2008039246A2 (en) System and method for drm translation
EP2065828B1 (en) Media storage structures for storing content, devices for using such structures, systems for distributing such structures
CN109145617B (zh) 一种基于区块链的数字版权保护方法及系统
CN101578608B (zh) 用于基于会话票证存取内容的方法及设备
JP2004110197A (ja) センタ・システムにおける情報処理方法及びアクセス権限管理方法
US20050060544A1 (en) System and method for digital content management and controlling copyright protection
JP2009080772A (ja) ソフトウェア起動システム、ソフトウェア起動方法、及びソフトウェア起動プログラム
CN102222195B (zh) 电子书阅读方法和系统
US9124422B2 (en) System and method for digital rights management with secure application-content binding
JP2006172351A (ja) リムーバブルメディア利用によるコンテンツの使用期限管理方法及びシステム
KR100814064B1 (ko) Drm 컨텐츠 패키징 방법 및 시스템
CN101617318A (zh) 用于将内容与许可证链接的方法及设备
JP2010510575A (ja) コンテンツをライセンスとリンクさせる方法および装置

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20050222

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SANDISK SECURE CONTENT SOLUTIONS, INC.

17Q First examination report despatched

Effective date: 20060621

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20091013